Vulnerability Description
Cisco IOS 12.2, 12.3, 12.4, 15.0, and 15.1, when the data-link switching (DLSw) feature is configured, allows remote attackers to cause a denial of service (device crash) by sending a sequence of malformed packets and leveraging a "narrow timing window," aka Bug ID CSCtf74999, a different vulnerability than CVE-2007-0199, CVE-2008-1152, and CVE-2009-0629.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios | 12.2 |
Related Weaknesses (CWE)
References
- http://www.cisco.com/en/US/docs/cable/cmts/release/notes/12_2sc/uBR7200/122_33_S
- http://www.cisco.com/en/US/docs/cable/cmts/release/notes/12_2sc/uBR7200/122_33_S
FAQ
What is CVE-2011-1625?
CVE-2011-1625 is a vulnerability with a CVSS score of 5.4 (MEDIUM). Cisco IOS 12.2, 12.3, 12.4, 15.0, and 15.1, when the data-link switching (DLSw) feature is configured, allows remote attackers to cause a denial of service (device crash) by sending a sequence of malf...
How severe is CVE-2011-1625?
CVE-2011-1625 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-1625?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios.